Security fixes dominate in Google's Chrome 22

Although the latest Chrome release, version 22, brings only a few enhancements, it closes more than 40 security holes, including one that garnered the discoverer $10,000 in bounty. Among the changes are further enhancements to Chrome's support for the Windows 8 operating system, and better support for HiDPI screens such as Apple's MacBook Pro Retina display.

Chrome 22 closes more than 40 security holes, of which one is considered to be critical and 19 are rated as "high severity" by the company. Google sometimes pays out special rewards for bugs found outside of Chrome: in this case, the company rewarded Eetu Luodemaa and Joni Vähämäki from Finnish software firm Documill for a critical Windows kernel memory corruption vulnerability with $5,000. Well-known security expert Sergey Glazunov, who won this year's Pwnie Award for the Best Client-Side Bug, received $15,000 in total for two UXSS vulnerabilities in frame handling and V8 JavaScript bindings.

Other problems corrected include use-after-free issues in onclick handling and SVG text references, out-of-bounds writes in the Skia graphics library, a buffer overflow in SSE2 optimisations, an integer overflow in WebGL on Mac systems, and 18 separate issues in the PDF viewer. In all, Google paid out a record $29,500 to security researchers for discovering and reporting these holes as part of its Chromium Security Vulnerability Rewards program; the previous record was $26,511 for holes closed in Chrome 15 from October of last year.

As is usual with these fixes, further details about the underlying security holes have not yet been disclosed in order to give users time to update to the new version. The developers also note that the Beta channel has been updated to version 22.0.1229.79; Chrome 23, which is currently in the Dev channel, is expected to be promoted to Beta status in the coming weeks.

Mozilla's BananaBread online 3D first-person shooter game takes advantage of the Pointer Lock API
Source: Mozilla
For developers, Chrome 22 introduces support for the Pointer Lock API. Sometimes referred to as Mouse Lock, this API enables developers to create web applications that better control how the mouse is used and how it interacts with the browser itself. This can be especially useful for web-based 3D games such as first-person shooters to prevent the mouse from moving outside of the current window or hitting the edge of the screen when controlling the perspective. Users can try it for themselves using an online demo 3D FPS game called BananaBread from Mozilla; Pointer Lock API support was added to Firefox in version 14 from mid-July.

Further information about the release, including a full list of security fixes, can be found in a post on the Google Chrome Releases blog. Chrome 22.0.1229.79 can be downloaded from google.com/chrome for Windows, Mac OS X and Linux, while existing users can upgrade using the built-in update function. Chrome is built from Chromium, the open source browser project run by Google.